Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] FW: [802-11Technical] <TGi> 802.1X Controlled Port

To: Mike.Moreton@synad.com, paul.congdon@hp.com, stds-802-linksec@ieee.org, stds-802-1@ieee.org, stds-802-11@ieee.org
Subject: RE: [LinkSec] FW: [802-11Technical] <TGi> 802.1X Controlled Port
From: "Bernard Aboba" <bernard_aboba@hotmail.com>
Date: Sat, 07 Jun 2003 07:12:22 -0700
Sender: owner-stds-802-linksec@majordomo.ieee.org


>Different keys would be used for each direction where two stations are
>exchanging broadcast frames (neglecting for the purposes of explanation
>all the others who might hear them), however these keys are randomly
>generated rather than being derived from EAP.

As you state, a bi-directional EAP exchange is unnecessary because a single 
mutual authentication suffices for establishing an open link on both sides, 
as specified in RFC 2284bis, and because only one of the unicast keys 
established during the bi-directional exchange is used.  Similarly, only a 
single 4-way handshake is needed in order to establish transient session 
keys and protect the ciphersuite negotiation.

>I think it's the
>decision to use these handshakes unmodified in two directions, rather
>than create a new bi-directional handshake that leads to the requirement
>to generate two sets of keys, not anything inherent about the
>architecture of 802.11 ad-hoc.

Yes, the requirement for bi-directional authentication in IEEE 802.11i has 
nothing to do with EAP or IEEE 802.1X -- it arises purely from the design of 
the IEEE 802.11i group key exchange. While in infrastructure mode only the 
AP sends multicast traffic (and therefore only a single group key is 
needed), in adhoc mode all the stations can potentially send multicast 
traffic.  That means that there is a need for multiple group keys in adhoc 
whereas no such need exists in infrastructure mode.  Since a single IEEE 
802.11i Group Key exchange is incapable of negotiating different group keys 
in each direction, it is necessary to run two complete IEEE 802.1X 
exchanges, one in each direction.

This of course leads one to ask why a single IEEE 802.1X exchange with 
mutual authentication followed by two group key exchanges would not be 
sufficient.  If the answer relates purely to a limitation of IEEE 802.11i's 
4-way handshake and group-key exchanges, this should be made clear in the 
both IEEE 802.1X and IEEE 802.11i so that readers are not mislead into 
believing that this limitation has anything to do with EAP or IEEE 802.1X.  
This is important for future work such as LINKSEC which could potentially 
design an improved group key exchange, thereby removing the need for 
bi-directional authentication for enabling communication between two 
bridges.






Yes.  However, there is a lot of confusion about this, so it needs to be 
explained.

_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

Prev by Date: RE: [LinkSec] FW: [802-11Technical] <TGi> 802.1X Controlled Port
Next by Date: [LinkSec] RE: [802.1] Fwd: Reviewing 802.3ah/D1.414
Prev by thread: RE: [LinkSec] FW: [802-11Technical] <TGi> 802.1X Controlled Port
Next by thread: RE: [LinkSec] FW: [802-11Technical] <TGi> 802.1X Controlled Port
Index(es):
- Date
- Thread